A weekly podcast for bounty hunters, exploit developers, or anyone interested in the details of the latest disclosed vulnerabilities and exploits.
Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/253.html [00:00:00] Introduction[00:01:30] Early days of the …
 
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/252.html [00:00:00] Introduction [00:00:29] KASLR bypass in privilege-less containers [00:13:13] Two Bytes is Plenty: FortiGate RCE with…
 
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/251.html [00:00:00] Introduction [00:00:20] Making Desync attacks easy with TR…
 
In this episode we have a libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html [00:00:00] Introduction [00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-20…
 
In this week's binary episode, Binary Ninja Free releases along with Binja 4.0, automated infoleak exploit generation for the Linux kernel is explored, and Nintendo sues Yuzu. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/248.html [00:00:00] Introduction [00:00:31] Binary Ninja Free [00:10:25] K…
 
A shorter episode this week, featuring some vulnerabilities impacting Google's AI and a SAML auth bypass. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/247.html [00:00:00] Introduction [00:00:31] We Hacked Google A.I. for $50,000 [00:17:26] SAML authentication bypass vulnerability in RobotsAndPe…
 
VirtualBox has a very buggy driver, PostgreSQL has an Out of Bounds Access, and lifetime issues are demonstrated in Rust in "safe" code. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/246.html [00:00:00] Introduction [00:00:22] cve-rs [00:18:28] Oracle VM VirtualBox: Intra-Object Out-Of-Bounds Wr…
 
This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobbering exploit. Also covered is a race condition in Chrome's extension API published by Project Zero. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/245.html [00:00:00] Introduction [00:00:21] Cache Dec…
 
Linux becomes a CNA and takes a stance on managing CVEs for themselves, and underutilized fuzzing strategies are discussed. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/244.html [00:00:00] Introduction [00:00:14] What to do about CVE numbers - The first article we bring up is the 2019 LWN artic…
 
In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and Portswigger publishes their top 10 list of web hacking techniques from 2023. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/243.html [00:00:00] Introduction [00:02:15] Ghost CMS Stored XSS Leading to Owne…
 
Google makes some changes to their kCTF competition, and a few kernel bugs shake out of the LogMeIn and wlan VFS drivers. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/242.html [00:00:00] Introduction [00:00:29] Netfilter Tables Removed from kCTF [00:20:23] LogMeIn / GoTo LMIInfo.sys Handle Dupl…
 
DEF CON moves venues, the Canadian government moves to ban Flipper Zero, and some XSS issues affect Microsoft Whiteboard and Meta's Excalidraw. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/241.html [00:00:00] Introduction [00:00:33] DEF CON was canceled. [00:16:42] Federal action on combatting …
 
Libfuzzer goes into maintenance-only mode and syslog vulnerabilities plague some vendors in this week's episode. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/240.html [00:00:00] Introduction [00:00:20] LibFuzzer in Maintainence-only Mode [00:11:41] Heap-based buffer overflow in the glibc's sysl…
 
This week we have a crazy crypto fail where some Android devices had updates signed by publicly available private keys, as well as some Docker container escapes. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/239.html [00:00:00] Introduction [00:00:22] Missing signs: how several brands forgot to …
 
This week's binary episode features a range of topics from discussion on Pwn2Own's first automotive competition to an insane bug that broke ASLR on various Linux systems. At the lower level, we also have some bugs in UEFI, including one that can be used to bypass Windows Hypervisor Code Integrity mitigation. Links and vulnerability summaries for th…
 
A packed episode this week as we cover recent vulnerabilities from the last two weeks, including some IDORs, auth bypasses, and a HackerOne bug. Some fun attacks such as a resurfacing of IDN homograph attacks and timing attacks also appear. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/237.html [0…
 
A bit of a game special this week, with a Counter-Strike: Global Offensive vulnerability and an exploit for Factorio. We also have a Linux kernel bug and a Chromecast secure-boot bypass with some hardware hacking mixed in. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/236.html [00:00:00] Introdu…
 
A short bounty episode featuring some logical bugs in Apache OFBiz, a GitLab Account Takeover, and an unauthenticated RCE in Adobe Coldfusion. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/235.html [00:00:00] Introduction [00:00:20] SonicWall Discovers Critical Apache OFBiz Zero-day [00:11:40] […
 
This week's highly technical episode has discussion around the exploitation of a libwebp vulnerability we covered previously, memory tagging (MTE) implementation with common allocators, and an insane iPhone exploit chain that targeted researchers. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/23…
 
Kicking off 2024 with a longer episode as we talk about auditing desktop applications (in the context of some bad reports to Edge). Then we've got a couple of fun issues with a client-side path traversal, and an information disclosure due to an HTTP 307 redirect. A bunch of issues in PandoraFSM, and finally some research about parser differentials …
 
A bit of a rambling episode to finish off 2023, we talk about some Linux kernel exploitation research (RetSpill) then get into several vulnerabilities. A type confusion in QNAP QTS5, a JavaScriptCore bug in Safari, and several issues in Steam's Remote Play protocol. Links and vulnerability summaries for this episode are available at: https://dayzer…
 
A mix of issues this week, not traditionally bounty topics, but there are some lessons that can be applied. First is a feature turned vulnerability in VS Code, which takes a look at just abusing intentional functionality. Several XOS bugs with a web-console. A Sonos Era 100 jailbreak which involves causing a particular call to fail, a common bug pa…
 
A Samsung special this week, starting off with two Samsung specific vulnerabilities, one in the baseband chip for code execution. And a stack based overflow in the RILD service handler parsing IPC calls from the baseband chip for a denial of service. Lastly a Mali GPU driver use-after-free. Links and vulnerability summaries for this episode are avai…
 
This week brings up a pretty solid variety of issues. Starting off with some cookie smuggling (and other cookie attacks) which presents some interesting research I hadn't really looked for before that has some potential. Then an AI alignment evasion to leak training data. Not the most interesting attack but it appears to open up some other ideas fo…
 
This week kicks off with a V8 misoptimization leading to out-of-bounds access, and an unprotected MSR in Microsoft's Hypervisor allowing corruption of Hypervisor code. We also take a quick look at a 2021 CVE with an integer underflow leading to an overflow in the Windows Kernel low-fragmentation heap, and finally an interesting information leak due t…
 
This week we've got a few relatively simple bugs to talk about along with a discussion about auditing and manual analysis for vulnerabilities. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/227.html [00:00:00] Introduction [00:00:23] Introducing the Microsoft Defender Bounty Program [00:04:26] …
 
Last week we brought you several Windows bugs, this week we are talking Linux kernel vulnerabilities and exploitation. We start off looking at a weird but cool CPU bug, Reptar, then we get into nftables, io_uring, and talk about a newer mitigation hitting Linux 6.6 that randomizes which caches allocations end up in. Links and vulnerability summaries…
 
This week has an interesting mix of issues, starting with a pretty standard template injection. Then we get into a Windows desktop issue, a TOCTOU in how the Mark-of-the-Web would be applied to files extracted from an archive, a privilege escalation from a Chrome extension, and a bit of a different spin on what you could do with a prompt injection. Lin…
 
We've got a few Windows bugs this week, but first a fun off-by-one null-byte write. Then we jump into a containerized registry escape, a browser escape with a very simple bug buried deep in the browser, and a kernel bug. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/224.html [00:00:00] Introduct…
 
Just a few issues this week, a Mastodon normalization issue leading to the potential to impersonate another account. Then we have a more complex chain starting again with a normalization leading to a fairly interesting request smuggling (CL.0 via malformed content-type header) and cache poisoning to leak credentials. Finally a crypto issue with a s…
 
As memory tagging (MTE) finally comes to a consumer device, we talk about how it may impact vulnerability research and exploit development going forward. Then we get into a few vulnerabilities including a DNS response parsing bug on the Wii U, an Adobe Acrobat bug that was exploited by a North Korean APT, and a CPU bug (iTLB Multihit). Links and vu…
 
Kicking off the week with a bit of Pwn2Own drama, then taking a look at an OAuth attack against Grammarly and a couple other sites, a fun little polyglot file based attack, and Citrix Bleed, a snprintf information disclosure vulnerability on the web. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast…
 
Diving right into some binary exploitation issues this week. Starting with a look at a rare sort of curl vulnerability where a malicious server could compromise a curl user. Then we take a look at a pretty straight-forward type confusion in Windows kernel code, and an integer underflow in Safari with some questionable exploitation. Ending the episo…
 
We've got a mix of topics this week, starting with a bit of discussion around the recent Rapid Reset denial of service attack, before diving into a few vulnerabilities. A Node "permissions" module escape due to having a fail-open condition when unexpected but supported types are passed in. Then we talk about some common AWS Cognito issues, a fun lit…
 
Some complex and confusing vulnerabilities as we talk about the recent WebP 0day and the complexities of huffman coding. A data-only exploit to escape a kCTF container, the glibc LPE LOONY_TUNABLES, and a Chrome TurboFan RCE. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/218.html [00:00:00] Intr…
 
This week we've got some fun issues, including a WinRAR processing bug that results in code execution due (imo) to a filename adjustment when extracting that isn't performed consistently. A MyBB admin-panel RCE, a fairly privileged bug but I think the bug pattern could appear elsewhere and is something to watch out for, and several silly issues in a …
 
A binary summer-recap episode, looking at some vulnerabilities and research put out over the summer. Talking about what TPM really offers when it comes to full-disk encryption, some thoughts on AI in the fuzzing loop. Then into some cool bugs, kicking off with some ARM Memory Tagging Extension vulnerabilities, a `-fstack-protector` implementation f…
 
We are back, and talking about our summer with a lengthy discussion about our DEF CON experiences before getting into some favorite issues from the summer. Including a neat twist on a PHP security feature that might be useful in your bug bounty chains. A look at a classic crypto issue (unauthenticated encrypted blobs), and an easily missed caching iss…
 
This week we've got a handful of low-level vulns, VM-escape, Windows EoP, and a single IPv6 packet leading to a kernel panic/denial of service, and one higher-level issue with a bug chain in CS:GO. This is our final episode until September 25th as we will be heading off on our regular summer break. Links and vulnerability summaries for this episode…
 
Another bug bounty podcast, another set of vulnerabilities. Starting off with a desktop info-disclosure in KeePass2 that discloses master passwords to attackers (with a high-level of access). A couple Jellyfin bugs resulting in an RCE chain, and a pretty classic crypto issue that allowed for renting luxury cars for extremely cheap. Links and vulner…
 
This week we've got a neat little printer corruption, a probably unexploitable Stockfish bug, though we speculate about exploitation a bit. Then into a VirtualBox escape bug, and an Adreno "vulnerability". Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/212.html [00:00:00] Introduction [00:01:…
 
More bug bounty style bugs, but you'd be forgiven for reading that title and thinking we had a low-level focus this episode. We got some awesome bugs this week though, from tricking Dependabot and abusing placeholder values to an IIS auth bypass. Ending off with a kernel bug (OverlayFS) and a VM escape (Parallels Desktop). Links and vulnerability summaries for…
 
This week we go a bit deeper than normal and look at some low level TPM attacks to steal keys. We've got a cool attack that lets us leak a per-chip secret out of the TPM one byte at a time, and a post about reading Bitlocker's secret off the SPI bus. Then we talk about several Shannon baseband bugs disclosed by Google's Project Zero. Links and vuln…
 
We open up this week's bug bounty podcast with a discussion about Google's recent support for passkeys, tackling some misunderstandings about what they are and how open the platform is. Also some talk towards the end about potential vulnerabilities to look out for. Then we dive into the vulnerabilities for the week, involving bypassing phone validati…
 
Not a lot of interesting binary exploitation topics for this week, we've got a DHCPv6 service vuln, and a fun idea to use a timing side-channel to improve exploit stability. Then we end with a discussion about Rust coming to the Windows operating system, what Rust means for the future of exploit development and vulnerability research and the value of …
 
On this week's bug bounty podcast we take a look at a few interesting issues. While they are all patched, there is reason to believe they'd all creep up in other applications too. First up is an RCE due to nested use of an escaped string. Second, a fgets loop that doesn't account for long lines. An XML signature verification tool with a deceptive inte…
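The fgets loop that doesn't account for long lines is a bug pattern worth seeing in code. The example below is added here and is not code from the podcast or from the application it covered; it assumes a line-oriented parser that reads "key=value" records into a fixed buffer, and the input is constructed. fgets() stops after BUF_SZ-1 bytes, so a line longer than the buffer comes back in pieces, and a loop that treats every fgets() return as a complete record will parse the tail of a long line as a record of its own.

```c
#include <stdio.h>
#include <string.h>

/* Deliberately small buffer so a short constructed input triggers the bug. */
#define BUF_SZ 16

/* Build a seekable stream from a constructed string (stand-in for a file or socket). */
static FILE *stream_from(const char *text) {
    FILE *f = tmpfile();
    if (f == NULL) return NULL;
    fputs(text, f);
    rewind(f);
    return f;
}

/* Vulnerable pattern: every return from fgets() is treated as one complete record.
 * A line longer than BUF_SZ-1 bytes is delivered in pieces, and its tail is processed
 * as a separate record chosen by whoever wrote the line. */
int count_records_naive(const char *text) {
    FILE *f = stream_from(text);
    if (f == NULL) return -1;
    char buf[BUF_SZ];
    int records = 0;
    while (fgets(buf, sizeof buf, f) != NULL)
        records++;                       /* real code would parse buf as a record here */
    fclose(f);
    return records;
}

/* Hardened pattern: a chunk without a trailing '\n' is either the final unterminated
 * line (accepted) or an over-long line (rejected, and drained up to its newline so the
 * remainder is never mistaken for a new record). `rejected` may be NULL. */
int count_records_checked(const char *text, int *rejected) {
    FILE *f = stream_from(text);
    if (f == NULL) return -1;
    char buf[BUF_SZ];
    int records = 0;
    if (rejected) *rejected = 0;
    while (fgets(buf, sizeof buf, f) != NULL) {
        size_t len = strlen(buf);
        if (len > 0 && buf[len - 1] == '\n') {
            records++;
            continue;
        }
        int c = fgetc(f);
        if (c == EOF) {                  /* last line, no trailing newline: fine */
            records++;
            break;
        }
        while (c != EOF && c != '\n')    /* drain the rest of the over-long line */
            c = fgetc(f);
        if (rejected) (*rejected)++;
    }
    fclose(f);
    return records;
}

/* Convenience wrapper returning only the number of rejected over-long lines. */
int count_rejected(const char *text) {
    int rejected = 0;
    if (count_records_checked(text, &rejected) < 0) return -1;
    return rejected;
}

/* Constructed input: the second line is 15 bytes of "name=" value followed by what looks
 * like a second record. The naive loop sees three records, the last being "role=admin". */
const char *const SAMPLE = "user=alice\nname=aaaaaaaaaarole=admin\n";

int main(void) {
    int rejected = 0;
    int checked = count_records_checked(SAMPLE, &rejected);
    printf("naive loop saw %d records\n", count_records_naive(SAMPLE));
    printf("checked loop saw %d record(s), rejected %d over-long line(s)\n", checked, rejected);
    return 0;
}
```

The newline check relies on strlen(), so a line containing a NUL byte is still misjudged; a parser that must survive binary input should use getline() or track the byte count itself rather than trusting the C string.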
 
This week's binary exploitation episode has some pretty solid bugs. A string escaping routine that goes out of bounds, and a web-based information disclosure. And a couple of kernel issues: one in the Windows registry, a logical bug leading to memory corruption, and an AppleSPU out-of-bounds access. Links and vulnerability summaries for this episode are av…
 
For this week's bug bounty podcast we start off with a bit of a unique auth bypass in a firewall admin panel. We've also got a couple of desktop-based software bugs, with a Docker Desktop privilege escalation on Windows, and a chfn bug. We've also got a couple of escalation techniques, one for Azure environments, and another trick for exploiting semi-con…
 
We start with a hardware/glitching attack against the Wii U, then let's talk about integer overflows. We've got three integer overflows this week that lead to buffer overflows in different ways. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/204.html [00:00:00] Introduction [00:00:19] Spot the Vul…
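Two generic ways an integer overflow turns into a buffer overflow, as an added example; this is not code from the podcast and does not reproduce the three specific bugs in the episode. The record layout (a 4-byte big-endian length followed by the payload) and the packets are constructed for illustration. The first pattern is an additive bounds check that wraps; the second is an allocation size computed from a multiplication that wraps.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed record layout: 4-byte big-endian length field, then the payload. */
#define HDR_LEN 4u

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Pattern 1, vulnerable: HDR_LEN + len is computed in uint32_t and wraps for
 * len > UINT32_MAX - 4, so the check passes and the caller would memcpy() len
 * bytes out of a 16-byte buffer. Returns the length the parser would copy, 0 on reject. */
uint32_t payload_len_vuln(const uint8_t *pkt, uint32_t pkt_len) {
    if (pkt_len < HDR_LEN) return 0;
    uint32_t len = be32(pkt);
    uint32_t end = HDR_LEN + len;        /* wraps to a small value for huge len */
    if (end > pkt_len) return 0;         /* bypassed after the wrap */
    return len;                          /* memcpy(dst, pkt + HDR_LEN, len) would overflow */
}

/* Pattern 1, fixed: compare against the space that remains; nothing derived from the
 * attacker-controlled length is added before the comparison, so it cannot wrap. */
uint32_t payload_len_safe(const uint8_t *pkt, uint32_t pkt_len) {
    if (pkt_len < HDR_LEN) return 0;
    uint32_t len = be32(pkt);
    if (len > pkt_len - HDR_LEN) return 0;
    return len;
}

/* Pattern 2, vulnerable: count * elem_size wraps, malloc() hands back a small block,
 * and the loop that follows writes `count` elements into it. */
uint32_t alloc_size_vuln(uint32_t count, uint32_t elem_size) {
    return count * elem_size;            /* wraps silently in uint32_t */
}

/* Pattern 2, fixed: detect the wrap before multiplying. Returns 1 when
 * count * elem_size would not fit in a uint32_t. */
int mul_overflows_u32(uint32_t count, uint32_t elem_size) {
    return elem_size != 0 && count > UINT32_MAX / elem_size;
}

/* Constructed 16-byte packets. PKT_OK declares 8 payload bytes, PKT_LONG honestly
 * declares 13 (one more than fits), PKT_WRAP declares 0xFFFFFFFC so that 4 + len == 0. */
const uint8_t PKT_OK[16]   = {0x00,0x00,0x00,0x08,'p','a','y','l','o','a','d','!',0,0,0,0};
const uint8_t PKT_LONG[16] = {0x00,0x00,0x00,0x0D,'A','A','A','A','A','A','A','A',0,0,0,0};
const uint8_t PKT_WRAP[16] = {0xFF,0xFF,0xFF,0xFC,'A','A','A','A','A','A','A','A',0,0,0,0};

int main(void) {
    printf("PKT_OK   vuln=%u safe=%u\n", payload_len_vuln(PKT_OK, 16),   payload_len_safe(PKT_OK, 16));
    printf("PKT_LONG vuln=%u safe=%u\n", payload_len_vuln(PKT_LONG, 16), payload_len_safe(PKT_LONG, 16));
    printf("PKT_WRAP vuln=%u safe=%u\n", payload_len_vuln(PKT_WRAP, 16), payload_len_safe(PKT_WRAP, 16));
    printf("0x40000001 * 4 = %u (overflows: %d)\n",
           alloc_size_vuln(0x40000001u, 4), mul_overflows_u32(0x40000001u, 4));
    return 0;
}
```

The honestly over-long packet is rejected by both versions; only the wrapping length slips past the additive check, which is what makes this class easy to miss in review when the test suite never supplies a length near UINT32_MAX.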
 